A malformed NetBIOS packet, sent over the local network, causes the network code in Windows to go into an infinite loop. The system does not visibly crash; it just locks up. NetBIOS packets are not normally routed, so the attack would have to come from the local network, not from the Internet.

The researcher, Laurent Gaffié, says in his advisory that he contacted the MSRC (Microsoft Security Response Center) about the bug on November 8 and that they acknowledged it the same day. This probably only means that they acknowledged receiving the report, not that they acknowledged the impact and severity. Then he says that on November 11 "MRSC try to convince me that multi-vendor-ipv6 bug shouldn't appears on a security bulletin." I have no idea what this means, since I don't think IPv6 has anything to do with this vulnerability, nor are other vendors involved.
